﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Mvc;
using System.Security.Principal;

namespace WebApp.Utility
{
  
    public class AuthorizationAttribute : AuthorizeAttribute
    {

        protected override bool AuthorizeCore(HttpContextBase httpContext)
        {
            if (httpContext == null)
            {
                throw new ArgumentNullException("httpContext");
            }
            IPrincipal user = httpContext.User;
            if (!user.Identity.IsAuthenticated)
            {
                return false;
            }

#warning Write better code to match role. Contains is not a proper method Call Ajit For more information 
            if ((this.Roles.Length > 0) && (!this.Roles.Contains(ReturnUserRole(user.Identity.Name))))
            {
                return false;
            }

            return true;
        }

        private string ReturnUserRole(string name)
        {
            if (HttpContext.Current.Session["User"] == null)
            {
                return "~";
            }
            //User user = (User)HttpContext.Current.Session["User"];
            //return user.Role.RoleName
            return "";
        }

    }
}